AdminTutanota Support (Admin, Tutanota)

My feedback

  1. 1 vote
    Vote
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      Signed in as (Sign out)
      You have left! (?) (thinking…)
      1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
      AdminTutanota Support (Admin, Tutanota) commented  · 

      Which app and which device are you using?

    • 233 votes
      Vote
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        Signed in as (Sign out)
        You have left! (?) (thinking…)
        18 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
        AdminTutanota Support (Admin, Tutanota) commented  · 

        Currently the badge gets an update when you open the ios app. It show the number of unread mails in your inbox.

      • 17 votes
        Vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          Signed in as (Sign out)
          You have left! (?) (thinking…)
          planned  ·  8 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
          AdminTutanota Support (Admin, Tutanota) commented  · 

          Thanks for the discussion on this issue and thanks for the pull request. We have had a look at it and how the email address can fit into the sender/recipients line. Unfortunately on mobile devices the space is very limited and adding the email address (name <email_address>) there would not be helpful in many cases. So we decided to add it only in desktop mode. As the pull request does not cover all cases, we will implement it on our own soon.

        • 103 votes
          Vote
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            Signed in as (Sign out)
            You have left! (?) (thinking…)
            2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
            AdminTutanota Support (Admin, Tutanota) commented  · 

            Thanks for your notice @Anon. It is very similar and we treat it like this, combining the votes in our heads. :)

          • 1 vote
            Vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              Signed in as (Sign out)
              You have left! (?) (thinking…)
              1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
              AdminTutanota Support (Admin, Tutanota) commented  · 

              Unfortunately, codeclimate requests write access to our repositories which is not acceptable. Is there a simple way to embed jslint checks?

            • 2 votes
              Vote
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                Signed in as (Sign out)
                You have left! (?) (thinking…)
                2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                AdminTutanota Support (Admin, Tutanota) commented  · 

                @Colin, thanks we did! :)

              • 8 votes
                Vote
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  Signed in as (Sign out)
                  You have left! (?) (thinking…)
                  3 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                  AdminTutanota Support (Admin, Tutanota) commented  · 

                  @Andre Currently there is no filtering, but we plan to add this!

                • 28 votes
                  Vote
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    Signed in as (Sign out)
                    You have left! (?) (thinking…)
                    2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                    AdminTutanota Support (Admin, Tutanota) shared this idea  · 
                  • 18 votes
                    Vote
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      Signed in as (Sign out)
                      You have left! (?) (thinking…)
                      2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →

                      Thanks for requesting a feature for further improving the security of Tutanota! We currently use TLS and DANE to protect authentication and integrity data and (only tunneled) RSA and AES to provide additional confidentiality. Neither the confidentiality nor the integrity of your data is currently at risk. In order to increase the security of Tutanota even further, we will implement digital signatures soon.

                      AdminTutanota Support (Admin, Tutanota) commented  · 

                      @Max We do. :) Here is a detailed answer to this report. SInce there is no feasible attack vector, no immediate action is necessary. However, we will improve the discussed issue soon:

                      This is not a vulnerability in Tutanota. We have built Tutanota with multiple layers of protection for our users. We currently use TLS and DANE to protect authentication and data integrity and (only tunneled) RSA-OAEP and AES-CBC to provide confidentiality. We have always communicated this transparently, it is nothing new. Neither the confidentiality nor the integrity of our users' data has been at risk.
                      However, we know that the implementation is not perfect regarding this detail. That is why we are going to implement the following features as soon as possible:
                      - Signatures/MAC
                      - 2-factor authentication
                      - Algorithms resistant to attacks of quantum computers
                      - Simple verification of downloaded Tutanota apps
                      Regarding the described issue, we know of two possible attacks on AES-CBC. Neither of them is feasible against Tutanota users:
                      - Bit flipping: You need access to the plain text email and you have to be the MITM. - - Plaintexts are available at the sender and recipient only. We use secure TLS algorithms and DANE to protect against MITM.
                      - Padding oracle: There is no padding oracle in Tutanota.
                      Tl;dr
                      There is no known vulnerability in Tutanota. Security is the heart of Tutanota, and we will fix vulnerabilities immediately.

                    • 16 votes
                      Vote
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        Signed in as (Sign out)
                        You have left! (?) (thinking…)
                        4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                        AdminTutanota Support (Admin, Tutanota) commented  · 

                        @Stephan The android app relies on push from Google. If you get the app directly from us, it won't have push, sorry.

                      • 10 votes
                        Vote
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          Signed in as (Sign out)
                          You have left! (?) (thinking…)
                          2 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                          AdminTutanota Support (Admin, Tutanota) commented  · 

                          Hi there, it would be possible to build such a feature while keeping your privacy. For instance, we do not have to store the ip address of your account's last login while it could be stored encrypted within your account, only visible to you.

                        • 129 votes
                          Vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            Signed in as (Sign out)
                            You have left! (?) (thinking…)
                            6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                            AdminTutanota Support (Admin, Tutanota) commented  · 

                            Thanks for your comment. We'll always focus on security and usability, no matter what we'll include. Because everything will use the same encryption technology.

                          • 65 votes
                            Vote
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              Signed in as (Sign out)
                              You have left! (?) (thinking…)
                              4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                            • 1 vote
                              Vote
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                Signed in as (Sign out)
                                You have left! (?) (thinking…)
                                4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                AdminTutanota Support (Admin, Tutanota) commented  · 

                                Thanks for your feedback, we need to know what browser you are using so that we can reproduce it.

                              • 8 votes
                                Vote
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  Signed in as (Sign out)
                                  You have left! (?) (thinking…)
                                  4 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                  AdminTutanota Support (Admin, Tutanota) commented  · 

                                  Currently email addresses of persons you send emails to are automatically saved to your address book to make it more convenient.
                                  This is particularly important if you send encrypted mails to non-Tutanota users as the password you shared with them needs to be saved within your account.

                                • 13 votes
                                  Vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    Signed in as (Sign out)
                                    You have left! (?) (thinking…)
                                    6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                    AdminTutanota Support (Admin, Tutanota) commented  · 

                                    We opted against blocking usernames for other domains as only the tutanota.de and the tutanota.com domain match. Because of this, we also gave you one alias for free so that you may block your username yourself.

                                  • 1 vote
                                    Vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      Signed in as (Sign out)
                                      You have left! (?) (thinking…)
                                      6 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                      AdminTutanota Support (Admin, Tutanota) commented  · 

                                      Thanks for your discussion. It's a risk we are willing to take. :) We love the name tutanota and it's meaning, but we also see the need for an easy email address. That's why we are offering additional domains now without changing our branding strategy. Tutanota is the brand - 'secure message' - but just because you like the brand, we do not want to force you to have it in your email address.

                                    • 47 votes
                                      Vote
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        Signed in as (Sign out)
                                        You have left! (?) (thinking…)
                                        planned  ·  7 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                        AdminTutanota Support (Admin, Tutanota) commented  · 

                                        Updated the title and description from manual to automatic sync.

                                      • 378 votes
                                        Vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          Signed in as (Sign out)
                                          You have left! (?) (thinking…)
                                          under review  ·  27 comments  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                          AdminTutanota Support (Admin, Tutanota) commented  · 

                                          Yes, Yogev, the feedback system does not work via Tor. Sorry for the inconvenience.

                                        • 6 votes
                                          Vote
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            Signed in as (Sign out)
                                            You have left! (?) (thinking…)
                                            1 comment  ·  General  ·  Flag idea as inappropriate…  ·  Admin →
                                            AdminTutanota Support (Admin, Tutanota) commented  · 

                                            Could you elaborate on this?

                                          Feedback and Knowledge Base